Third-Parties and the Protection of Sensitive Information: Is Your Organization Lacking Contractual Assurances?
A recent GAO report has revealed that federal agencies utilizing contracted workers are failing to implement contractual assurances with third-parties regarding the protection of sensitive information. GAO auditors examined the contracting practices of three of the largest federal agencies and of those three, only one (DHS) required third-party companies to sign standard contracts requiring the contractors to follow best practices in safeguarding sensitive information. In a recent data breach, a TSA contractor allegedly provided a Boston couple the social security numbers for more than a dozen TSA workers. Third-parties are increasingly responsible for data breaches, but most often, the hiring agency or company willRead More →